Lucene search
K

4 matches found

CVE
CVE
added 2025/04/09 4:9 p.m.54 views

CVE-2025-32640

CVE-2025-32640 is a stored XSS in the WordPress plugin Ally – Web Accessibility & Usability (One Click Accessibility). The issue affects the One Click Accessibility component up to version 3.1.0 and requires authenticated access (Administrator+) to exploit. The connected Wordfence disclosure list...

5.9CVSS7.2AI score0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 4:9 p.m.8 views

CVE-2025-32640 WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor One Click Accessibility allows Stored XSS. This issue affects One Click Accessibility: from n/a through 3.1.0...

5.9CVSS5.7AI score0.00347EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/09 4:9 p.m.22 views

CVE-2025-32640 WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor Ally pojo-accessibility allows Stored XSS.This issue affects Ally: from n/a through = 3.1.0...

5.9CVSS0.00347EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/09 3:36 p.m.6 views

WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered by Ayato Shitomi @ Fore-Z co.ltd in WordPress Plugin Ally versions = 3.1.0...

5.9CVSS6.5AI score0.00347EPSS
Exploits0Affected Software1
Rows per page
Query Builder